On September 9, 2019, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced that it had settled its first ever HIPAA enforcement action arising from alleged violations of the individual right to access health information under HIPAA. OCR entered into a settlement with Bayfront Health St. Petersburg (Bayfront) in response … Continue Reading
As Hurricane Florence was making landfall, Department of Health and Human Services Secretary Alex Azar issued HIPAA guidance that outlined when hospitals in declared state of emergency areas can qualify for a waiver of certain provisions of the HIPAA Privacy Rule, including fines and penalties. According to the guidance, “the HIPAA Privacy Rule allows patient … Continue Reading
On January 8, 2018, Ciox Health, LLC (Ciox) filed a complaint against the Department of Health and Human Services (HHS) and then-acting Secretary Eric D. Hargan, alleging that the Department’s rules and guidance, under HIPAA and HITECH, “impose[] tremendous financial and regulatory burdens on health care providers and threatens to upend the medical-records industry that … Continue Reading
Fax machines are still used in the medical community, and these days, faxing may be more secure than emailing as hackers have not yet cracked the task of hacking into old fax machines. All kidding aside, fax machines have been, and continue to be a risk to organizations as they have the ability to store … Continue Reading
Residents in remote areas of Tanzania and Rwanda in East Africa are receiving medical supplies through the use of drones, far surpassing similar efforts in the U.S., according to Robert Graboyes, a senior research fellow at George Mason University. In Rwanda alone, according to RealClear Health, drones have delivered 2,600 units of blood and have … Continue Reading
The U.S. Department of Health and Human Services Office for Civil Rights (OCR) is responsible for enforcing the HIPAA Privacy and Security Rules. Any person who believes that a covered entity or business associate is not complying with HIPAA may file a complaint with OCR (complaints may also be submitted directly to a covered entity). … Continue Reading
For those of you who know me, you know that I have been very frustrated with the federal and state governments for continuing to use Social Security numbers for eligibility, enrollment and participating in Medicare and Medicaid. This includes listing individuals’ Social Security numbers on the Medicare and Medicaid cards. The good news is that … Continue Reading
This week, the Department of Health and Human Services (HHS) issued its “Report on Improving Cybersecurity in the Health Care Industry,” which is the culmination of a year-long effort on behalf of the Cybersecurity Task Force, made up of industry professionals from the public and private sectors to identify and develop recommendations “on the growing … Continue Reading
On November 30, 2016, the U.S. House of Representatives voted strongly in favor of the 21st Century Cures Act (the Act), an expansive health bill that addresses the discovery and development of new medical therapies as well the delivery of health care treatment by providers. In 2015, the House had previously approved an earlier version … Continue Reading
In its third release of HIPAA guidance over the past few weeks, the Department of Health and Human Services (HHS) released“The Real HIPAA: Care Coordination, Care Planning, and Case Management Examples” to assist covered entities and business associates in determining what disclosures of protected health information are permitted under HIPAA. The blog post gives examples … Continue Reading
On February 5, 2016, the Department of Health and Human Services (HHS) issued proposes changes to the Confidentiality of Alcohol and Drug Abuse Patient Records regulations, also known as “Part 2 records” which were published in the Federal Register on February 9, 2016. Significantly, the proposed changes update Part 2, which was originally enacted in … Continue Reading
In a press release issued on January 3, 2016, the Department of Health and Human Services announced that “as part of President Obama’s continuing efforts to reduce gun violence…HHS…issued a Notice of Proposed Rulemaking (NPRM) to remove unnecessary legal barriers under …HIPAA…that may prevent states from reporting certain information to the National Instant Criminal Background … Continue Reading
The House of Representatives Energy and Commerce Committee issued a report late last week that the information security of the Department of Health and Human Services (HHS) has substantial weaknesses. Several incidents that occurred between 2012 and 2014 indicated that several agencies were compromised or attacked without the agency’s knowledge. In one instance, the report … Continue Reading
The Department of Health and Human Services (HHS) has released a fact sheet on the privacy, security, and breach notification rules of the Health Insurance Portability and Accountability Act (HIPAA). Designed to apply to HIPAA-covered entities, including health care organizations, health care plans, providers, and their business associates, the fact sheet provides a basic overview … Continue Reading
